# # spec file for package openldap2 (Version 2.4.15) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild Name: openldap2 BuildRequires: cyrus-sasl-devel db-devel libopenssl-devel openslp-devel tcpd-devel %if %sles_version == 9 BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel %endif %if %sles_version == 10 BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel %endif Version: 2.4.15 Release: 1 Url: http://www.openldap.org License: BSD 3-Clause; openldap 2.8 %if "%{name}" == "openldap2" Group: Productivity/Networking/LDAP/Servers Provides: ldap2 openldap2-back-ldap openldap2-back-monitor Obsoletes: openldap2-back-ldap openldap2-back-monitor Conflicts: openldap Requires: libldap-2_4-2 = %{version} PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep Summary: The OpenLDAP Server %else Group: Productivity/Networking/LDAP/Servers Conflicts: openldap-client Summary: The OpenLDAP Server %endif AutoReqProv: on Source: openldap-%{version}.tar.bz2 Source1: openldap-rc.tgz Source2: addonschema.tar.gz Source3: DB_CONFIG Source4: sasl-slapd.conf Source5: README.update Source100: openldap-2.3.37.tar.bz2 Patch: openldap2.dif Patch2: slapd_conf.dif Patch3: ldap_conf.dif Patch4: ldapi_url.dif Patch6: libldap-gethostbyname_r.dif Patch7: pie-compile.dif Patch9: openldap2-add-gnu-source.diff Patch11: slapd-bconfig-del-db.dif Patch14: slapo-collect-include.dif Patch15: slapd-ldap_back_entry_get_rw-ITS6003.diff Patch100: openldap-2.3.37.dif Patch200: slapd_getaddrinfo_dupl.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build %description The Lightweight Directory Access Protocol (LDAP) is used to access online directory services. It runs directly over TCP and can be used to access a stand-alone LDAP directory service or to access a directory service that has an X.500 back-end. Authors: -------- The OpenLDAP Project %if "%{name}" == "openldap2" %package -n openldap2-back-perl License: BSD 3-Clause Summary: OpenLDAP Perl Back-End Requires: openldap2 = %{version} perl = %{perl_version} AutoReqProv: on Group: Productivity/Networking/LDAP/Servers %description -n openldap2-back-perl The OpenLDAP Perl back-end allows you to execute Perl code specific to different LDAP operations. Authors: -------- The OpenLDAP Project %package -n openldap2-back-meta License: BSD 3-Clause Summary: OpenLDAP Meta Back-End Requires: openldap2 = %{version} AutoReqProv: on Group: Productivity/Networking/LDAP/Servers Provides: openldap2:/usr/share/man/man5/slapd-meta.5.gz %description -n openldap2-back-meta The OpenLDAP Meta back-end is able to perform basic LDAP proxying with respect to a set of remote LDAP servers. The information contained in these servers can be presented as belonging to a single Directory Information Tree (DIT). Authors: -------- The OpenLDAP Project %else %package -n openldap2-devel License: BSD 3-Clause; openldap 2.8 Summary: Libraries, Header Files and Documentation for OpenLDAP AutoReqProv: on # bug437293 %ifarch ppc64 Obsoletes: openldap2-devel-64bit %endif # Conflicts: openldap-devel %if %suse_version >= 1110 Requires: libldap-2_4-2 = %{version} cyrus-sasl-devel libopenssl-devel %else Requires: libldap-2_4-2 = %{version} cyrus-sasl-devel openssl-devel %endif Group: Development/Libraries/C and C++ %description -n openldap2-devel This package provides the OpenLDAP libraries, header files, and documentation. Authors: -------- The OpenLDAP Project %package -n libldap-2_4-2 License: BSD 3-Clause; openldap 2.8 Summary: OpenLDAP Client Libraries AutoReqProv: on Group: Productivity/Networking/LDAP/Clients %description -n libldap-2_4-2 This package contains the OpenLDAP client libraries. Authors: -------- The OpenLDAP Project %endif %prep %setup -q -n openldap-%{version} -a1 -a2 -b100 %patch %patch2 %patch3 %patch4 %patch6 %if %suse_version > 920 %patch7 %endif %patch9 -p1 %patch11 %patch14 -p1 %patch15 cp %{SOURCE5} . cd ../openldap-2.3.37 %patch100 %if %suse_version == 1100 %patch200 -p1 %endif %build %{?suse_update_config:%{suse_update_config -f build}} libtoolize --force autoreconf export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONNECTIONLESS -DSLAP_CONFIG_DELETE" ./configure --prefix=/usr \ --exec-prefix=/usr \ --sysconfdir=%{_sysconfdir} \ --localstatedir=/var/run/slapd \ --libexecdir=/usr/lib/openldap \ --libdir=%{_libdir} \ --mandir=%{_mandir} \ --enable-wrappers \ --enable-aclgroups \ --enable-spasswd \ --enable-modules \ --enable-shared \ --enable-dynamic \ --with-tls \ --with-cyrus-sasl \ --enable-crypt \ --enable-ipv6=yes \ %if "%{name}" == "openldap2" --enable-aci \ --enable-bdb \ --enable-hdb \ --enable-rewrite \ --enable-ldap=yes \ --enable-meta=mod \ --enable-monitor=yes \ --enable-perl=mod \ --enable-slp \ --enable-overlays=yes \ %else --disable-slapd \ %endif --enable-lmpasswd \ --with-yielding-select make depend make %{?jobs:-j%jobs} %if "%{name}" == "openldap2" # build a static slapcat binary from the OpenLDAP 2.3 release # to be able to update existing databases cd ../openldap-2.3.37 %{?suse_update_config:%{suse_update_config -f build}} libtoolize --force #aclocal -I build autoreconf export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED" ./configure --prefix=/usr --exec-prefix=/usr --sysconfdir=/etc \ --localstatedir=/var/run/slapd --libexecdir=/usr/lib/openldap \ --libdir=%{_libdir} --mandir=%{_mandir} --enable-aci \ --enable-hdb --enable-bdb --enable-ldbm --enable-crypt \ --enable-ipv6=no \ --enable-ldap --enable-monitor --enable-meta --enable-rewrite \ --enable-dynamic=no --enable-shared=no make depend make %{?jobs:-j%jobs} %endif %check # calculate the base port to be use in the test-suite SLAPD_BASEPORT=10000 if [ -f /.buildenv ] ; then . /.buildenv SLAPD_BASEPORT=$(($SLAPD_BASEPORT + ${BUILD_INCARNATION:-0} * 10)) fi export SLAPD_BASEPORT %ifnarch %arm alpha rm -f tests/scripts/test019-syncreplication-cascade rm -f tests/scripts/test023-refint rm -f tests/scripts/test022-ppolicy rm -f tests/scripts/test033-glue-syncrepl rm -f tests/scripts/test036-meta-concurrency rm -f tests/scripts/test039-glue-ldap-concurrency rm -f tests/scripts/test043-delta-syncrepl rm -f tests/scripts/test045-syncreplication-proxied rm -f tests/scripts/test048-syncrepl-multiproxy rm -f tests/scripts/test050-syncrepl-multimaster make SLAPD_DEBUG=0 test %endif %install mkdir -p $RPM_BUILD_ROOT/etc/init.d mkdir -p $RPM_BUILD_ROOT/usr/sbin make DESTDIR=$RPM_BUILD_ROOT install install -m 755 rc.ldap $RPM_BUILD_ROOT/etc/init.d/ldap ln -sf ../../etc/init.d/ldap $RPM_BUILD_ROOT/usr/sbin/rcldap mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.d mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sasl2 install -m 644 %{SOURCE4} $RPM_BUILD_ROOT/%{_sysconfdir}/sasl2/slapd.conf install -m 755 -d $RPM_BUILD_ROOT/var/lib/ldap chmod a+x $RPM_BUILD_ROOT/%{_libdir}/liblber.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap_r.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap.so* %if "%{name}" == "openldap2" mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates install -m 644 sysconfig.openldap $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.openldap install -m 644 *.schema $RPM_BUILD_ROOT/etc/openldap/schema install -m 644 %{SOURCE3} $RPM_BUILD_ROOT/var/lib/ldap/DB_CONFIG install -m 644 $RPM_BUILD_ROOT/etc/openldap/DB_CONFIG.example $RPM_BUILD_ROOT/var/lib/ldap/DB_CONFIG.example install -d $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/ install -m 644 SuSEfirewall2.openldap $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/openldap rm -f `find doc/guide ! -name *.html -a ! -name *.gif -a ! -name *.png -a ! -type d` rm -rf doc/guide/release rm -f $RPM_BUILD_ROOT/etc/openldap/DB_CONFIG.example rm -f $RPM_BUILD_ROOT/etc/openldap/schema/README rm -f $RPM_BUILD_ROOT/var/run/slapd/openldap-data/DB_CONFIG.example # install 2.3 slapcat install -m 755 ../openldap-2.3.37/servers/slapd/slapcat $RPM_BUILD_ROOT/usr/sbin/openldap-2.3-slapcat %endif rm -f $RPM_BUILD_ROOT/usr/lib/openldap/modules/*.a rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-dnssrv.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-ndb.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-null.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-passwd.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-shell.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-sock.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-sql.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-tcl.5 # Remove *.la files, libtool does not handle this correct rm -f $RPM_BUILD_ROOT%{_libdir}/lib*.la #put filelists into files cat >openldap2.filelist < openldap2-client.filelist < libldap.filelist < openldap2-devel.filelist < openldap2-back-perl.filelist < openldap2-back-meta.filelist < /dev/null || : /usr/sbin/useradd -r -o -g ldap -u 76 -s /bin/bash -c "User for OpenLDAP" -d \ /var/lib/ldap ldap 2> /dev/null || : # try to figure out if a db update is needed if [ ${1:-0} -gt 1 ] && [ -f /usr/lib/openldap/slapd ] && /usr/bin/strings /usr/lib/openldap/slapd | \ grep "slapd 2.3" 2>&1 > /dev/null; then # create a backup of the schema shipped with 2.3 # at least core.schema changed between 2.3 and 2.4 TEMPDIR=`mktemp -d /etc/openldap/schema.backup.XXXXXX` echo "Schema backup created in $TEMPDIR" cp -p --remove-destination /etc/openldap/schema/* $TEMPDIR echo $TEMPDIR > /etc/openldap/UPDATE_NEEDED ; fi %post if [ ${1:-0} -gt 1 ] && [ -f %{_libdir}/sasl2/slapd.conf ] ; then cp /etc/sasl2/slapd.conf /etc/sasl2/slapd.conf.rpmnew cp %{_libdir}/sasl2/slapd.conf /etc/sasl2/slapd.conf fi %{fillup_and_insserv -n openldap ldap} %{remove_and_set -n openldap OPENLDAP_RUN_DB_RECOVER} # convert database if needed if [ -f /etc/openldap/UPDATE_NEEDED ] ; then read SCHEMA_BACKUP < /etc/openldap/UPDATE_NEEDED SLAPD_CONF=/etc/openldap/slapd.conf sed -e "s;/etc/openldap/schema/;$SCHEMA_BACKUP/;g" \ < $SLAPD_CONF > $SCHEMA_BACKUP/slapd.conf.update LOGFILE="slaptool.log" BACKENDS=`grep ^database $SLAPD_CONF | awk '{print $2}'` DIRECTORIES=(`grep ^directory $SLAPD_CONF | awk '{print $2}'`) MSG="" db_num=0 dir_num=0 restart="" /etc/init.d/ldap status 2&>1 > /dev/null if [ "$?" = "0" ]; then /etc/init.d/ldap stop restart="1" fi for i in $BACKENDS; do db_num=$((db_num+1)); if [ "x$i" = "xbdb" ] || [ "x$i" = "xhdb" ] || [ "x$i" = "xldbm" ] ; then db_dir=${DIRECTORIES[$dir_num]}; if [ -f $db_dir/id2entry.bdb ] || [ -f $db_dir/id2entry.dbb ] ; then rm $db_dir/__db* ; mkdir $db_dir/db_bak ; echo "Dumping database to: $db_dir/ldapbak.ldif.$db_num" ; /usr/sbin/openldap-2.3-slapcat -T c \ -f $SCHEMA_BACKUP/slapd.conf.update \ -n $db_num -l $db_dir/ldapbak.ldif.$db_num 2>> $db_dir/$LOGFILE; if [ "x$i" = "xldbm" ] ; then mv $db_dir/*.dbb $db_dir/db_bak/ ; else mv $db_dir/*.bdb $db_dir/db_bak/ ; mv $db_dir/log.* $db_dir/db_bak/ ; fi mv $db_dir/alock $db_dir/db_bak/ ; rm -f $db_dir/__db* ; fi dir_num=$((dir_num+1)); fi done db_num=0 dir_num=0 sed -i -e "s;ldbm;bdb;g" $SLAPD_CONF for i in $BACKENDS; do db_num=$((db_num+1)); if [ "x$i" = "xbdb" ] || [ "x$i" = "xhdb" ] || [ "x$i" = "xldbm" ] ; then db_dir=${DIRECTORIES[$dir_num]}; if [ -s $db_dir/ldapbak.ldif.$db_num ] ; then if [ `wc -l $db_dir/ldapbak.ldif.$db_num | awk '{print $1}'` -lt 2500000 ]; then if [ "x$i" = "xldbm" ] ; then echo "Converting $i database to bdb in $db_dir" ; # Create default DB_CONFIG for better performance echo "set_cachesize 0 15000000 1" > $db_dir/DB_CONFIG echo "set_lg_regionmax 262144" >> $db_dir/DB_CONFIG echo "set_lg_bsize 2097152" >> $db_dir/DB_CONFIG echo "set_flags DB_LOG_AUTOREMOVE" >> $db_dir/DB_CONFIG else echo "Restoring $i database in $db_dir" ; fi slapadd -q -n $db_num -f $SLAPD_CONF -l $db_dir/ldapbak.ldif.$db_num 2>> $db_dir/$LOGFILE ; if [ $? -ne 0 ]; then MSG="$MSG\nFailed to restore database in $db_dir"; MSG="$MSG\nPlease restore manually from the LDIF dump $db_dir/ldapbak.ldif.$db_num\n"; else rm -f $db_dir/ldapbak.ldif.$db_num rm -rf $db_dir/db_bak/ fi else MSG="$MSG\nPlease restore the database in $db_dir manually by using"; MSG="$MSG\nslapadd with the LDIF dump $db_dir/ldapbak.ldif.$db_num\n"; fi fi dir_num=$((dir_num+1)); fi done if [ "$MSG" ] ; then echo -e "$MSG"; else rm -f /etc/openldap/UPDATE_NEEDED ; if [ $restart ]; then /etc/init.d/ldap start fi fi fi %preun %stop_on_removal ldap %postun %restart_on_update ldap %insserv_cleanup %files -f openldap2.filelist %defattr(-,root,root) %files -n openldap2-back-perl -f openldap2-back-perl.filelist %defattr(-,root,root) %files -n openldap2-back-meta -f openldap2-back-meta.filelist %defattr(-,root,root) %else %post -n libldap-2_4-2 -p /sbin/ldconfig %postun -n libldap-2_4-2 -p /sbin/ldconfig %files -f openldap2-client.filelist %defattr(-,root,root) %files -n libldap-2_4-2 -f libldap.filelist %defattr(-,root,root) %files -n openldap2-devel -f openldap2-devel.filelist %defattr(-,root,root) %endif %changelog * Fri Mar 20 2009 rhafer@suse.de - Update to 2.4.15. Most important changes: * Fixed slapd bconfig conversion again (ITS#5346) * Fixed slapd behavior with superior objectClasses again (ITS#5517) * Fixed slapd RFC4512 behavior with same attr in RDN (ITS#5968) * Fixed slapd corrupt contextCSN (ITS#5947) * Fixed slapd syncrepl order to match on add/delete (ITS#5954) * Fixed slapd adding rdn with other values (ITS#5965) * Fixed slapd-bdb/hdb behavior with unallocatable shm (ITS#5956) * Fixed slapd-ldap/meta with entries with invalid attrs (ITS#5959) * Fixed slapo-pcache caching invalid entries (ITS#5927) * Fixed slapo-syncprov csn updates (ITS#5969) * Added libldap option to disable SASL host canonicalization (ITS#5812) * Fixed libldap chasing multiple referrals (ITS#5853) * Fixed libldap setuid usage with .ldaprc (ITS#4750) * Fixed libldap deref handling (ITS#5768) * Fixed libldap NULL pointer deref (ITS#5934) * Fixed libldap peer cert memory leak (ITS#5849) * Fixed libldap intermediate response behavior (ITS#5896) * Fixed libldap IPv6 address handling (ITS#5937) * Fixed libldap_r deref building (ITS#5768) * Fixed libldap_r slapd lockup when paused during shutdown (ITS#5841) * Fixed slapd acl checks on ADD (ITS#4556,ITS#5723) * Fixed slapd acl application to newly created backends (ITS#5572) * Fixed slapd bconfig to return error codes (ITS#5867) * Fixed slapd bconfig encoding incorrectly (ITS#5897) * Fixed slapd bconfig dangling pointers (ITS#5924) * Fixed slapd epoll handling (ITS#5886) * Fixed slapd glue with MMR (ITS#5925) * Fixed slapd listener comparison (ITS#5613) * Fixed various syncrepl issues (ITS#5809,ITS#5850, ITS#5843, ITS#5866, ITS#5901, ITS#5881, ITS#5935, ITS#5710, ITS#5781, ITS#5809, ITS#5798, ITS#5826) * Fixed slapd-bdb/hdb dncachesize handling (ITS#5860) * Fixed slapd-bdb/hdb trickle task usage (ITS#5864) * Fixed slapd-hdb idlcache with empty suffix (ITS#5859) * Wed Jan 07 2009 olh@suse.de - obsolete old -XXbit packages (bnc#437293) * Fri Dec 12 2008 rhafer@suse.de - Fixed openldap2-devel dependencies (bnc#457989) * Tue Dec 09 2008 rhafer@suse.de - Fixed a bug in the threadpool implementation that could cause slapd to lockup when shutting down while the pool is paused. (bnc#450457, ITS#5841) * Fri Nov 28 2008 rhafer@suse.de - Disable the slapadd trickle-task it cause performance issues when using libdb-4.5 (bnc#449641) - removed obsolete configure option (ldbm backend does not exist in OpenLDAP 2.4) * Fri Nov 21 2008 ro@suse.de - update check-build.sh * Wed Nov 05 2008 rhafer@suse.de - Fixed database shutdown sequence (bnc#441774, ITS#5745) * Tue Nov 04 2008 rhafer@suse.de - Handle ldbm databases in updates from 2.3 release (bnc#440589) * Thu Oct 23 2008 rhafer@suse.de - the helper function to create various LDAP controls returned wrong error codes under certain circumstances (bnc#429064, ITS#5762) - Fixed referral chasing in chain-overlay (bnc#438088, ITS#5742) - Fixed back-config integration of overlays with private instances of databases (translucent, chain, ...) (bnc#438094, ITS#5736) * Mon Oct 13 2008 rhafer@suse.de - Added missing #include to slapo-collect * Sun Oct 12 2008 rhafer@suse.de - Update to 2.4.12. Most important changes: * Fixed libldap ldap_utf8_strchar arguments (ITS#5720) * Fixed libldap TLS_CRLFILE (ITS#5677) * Fixed librewrite memory handling (ITS#5691) * Fixed slapd attribute leak (ITS#5683) * Fixed slapd config backend with index greater than sibs (ITS#5684) * Fixed slapd custom attribute inheritance (ITS#5642) * Fixed slapd firstComponentMatch normalization (ITS#5634) * Fixed slapd connection events enabled twice (ITS#5725) * Fixed slapd memory handling (ITS#5691) * Fixed slapd objectClass canonicalization (ITS#5681) * Fixed slapd objectClass termination (ITS#5682) * Fixed slapd overlay control registration (ITS#5649) * Fixed slapd runqueue checking (ITS#5726) * Fixed slapd sortvals comparison (ITS#5578) * Fixed slapd syncrepl contextCSN detection (ITS#5675) * Fixed slapd syncrepl error logging (ITS#5618) * Fixed slapd syncrepl runqueue interval (ITS#5719) * Fixed slapd-bdb entry return if attr not present (ITS#5650) * Fixed slapd-bdb/hdb release search entries earlier (ITS#5728,ITS#5730) * Fixed slapd-bdb/hdb subtree search with empty suffix (ITS#5729) * Fixed slapo-memberof internal operations DN (ITS#5622) * Fixed slapo-pcache attrset crash (ITS#5665) * Fixed slapo-pcache caching with invalid schema (ITS#5680) * Fixed slapo-ppolicy control return on password modify exop (ITS#5711) - removed obsolete patches * Mon Oct 06 2008 rhafer@suse.de - remove some problematic test-cases, that cause a lot of unreproducable buildfailures - check for exisitence of /etc/openldap/slapd.conf in init-script assume back-config usage if it isn't present (bnc#428168) * Wed Sep 24 2008 rhafer@suse.de - Mark Schema and SuSEfirewall files as %%config - openldap2-back-perl requires perl - Give more meaningful error messages when index configuration fails (bnc#429150) * Fri Sep 19 2008 rhafer@suse.de - Reduced debug-level during "make test" to reduce required disk space and buildtime * Thu Sep 18 2008 rhafer@suse.de - Fixed init-script dependencies (bnc#426214) * Fri Sep 12 2008 rhafer@suse.de - Backported fix for a crash in back-config when adding entries with a too large index (ITS#5684) - Backported fix for a crash when adding an invalid olcBdbConfig Entry to back-config (ITS#5698) * Tue Sep 09 2008 rhafer@suse.de - Removed getaddrinfo workaround. Recent glibc doesn't need it anymore (bnc#288879, ITS#5251) - Server requires libldap of the same version. * Mon Sep 08 2008 rhafer@suse.de - Import back-config support for deleting databases from CVS HEAD * Tue Sep 02 2008 rhafer@suse.de - Dropped evolution specific ntlm-bind Patch (Fate#303480) * Thu Aug 28 2008 rhafer@suse.de - added ldapns.schema , to allow to use pam_ldap's "check_host_attr" and "check_service_attr" features (bnc#419984) - backport overlay_register_control fix from HEAD (bnc#420016, ITS#5649) * Mon Aug 18 2008 mrueckert@suse.de - remove outdated options in the fillup_and_insserv call * Mon Aug 18 2008 rhafer@suse.de - fixed LSB-Headers in init-script * Wed Aug 13 2008 ro@suse.de - try to fix build for buildservice (BUILD_INCARNATION can be empty) * Mon Aug 11 2008 rhafer@suse.de - /usr/lib/sasl2/slapd.conf was moved to /etc/sasl2/slapd.conf (bnc#412652) - adjust ownerships of database directories even when using back-config * Thu Jul 31 2008 rhafer@suse.de - Enable back-config delete support * Tue Jul 29 2008 rhafer@suse.de - Update to Version 2.4.11. Most important changes: * Fixed liblber ber_get_next length decoding (ITS#5580) * Added libldap assertion control (ITS#5560) * Fixed liblutil missing return code (ITS#5615) * Fixed slapd cert serial number parsing (ITS#5588) * Fixed slapd check for structural_class failures (ITS#5540) * Fixed slapd config backend renumbering (ITS#5571) * Fixed slapd configContext OID (ITS#5383) * Fixed slapd crash with no listeners (ITS#5563) * Fixed slapd sets memory leak (ITS#5557) * Fixed slapd sortvals binary search (ITS#5578) * Fixed slapd syncrepl updates with multiple masters (ITS#5597) * Fixed slapd syncrepl superior objectClass delete/add (ITS#5600) * Fixed slapd syncrepl/slapo-syncprov contextCSN updates as internal ops (ITS#5596) * Fixed slapo-memberof replace handling (ITS#5584) * Added slapo-nssov contrib module * Fixed slapo-pcache handling of negative search caches (ITS#5546) * Fixed slapo-ppolicy DNs with whitespaces (ITS#5552) * Fixed slapo-ppolicy modify with internal ops (ITS#5569) * Fixed slapo-syncprov ACL evaluation (ITS#5548) * Fixed slapo-syncprov crash with delcsn (ITS#5589) * Fixed slapo-syncprov full reload (ITS#5564) * Fixed slapo-syncprov missing olcSpReloadHint attr(ITS#5591) * Fixed slapo-unique filter normalization (ITS#5581) * Mon Jun 30 2008 rhafer@suse.de - Only apply -fPIE patch to recent Distributions - removed -fPIE from the slapcat-2.3 build - Adjust BuildRequires for older Distributions * Fri Jun 27 2008 coolo@suse.de - make sure the subpacks are only in one spec file declared * Tue Jun 24 2008 rhafer@suse.de - branched off libldap-2_4-2 package to support the shared library packaging policy * Wed Jun 11 2008 rhafer@suse.de - Update to Version 2.4.10. Most important changes: * Fixed libldap ld_defconn cleanup if it was freed (ITS#5518, ITS#5525) * Fixed libldap msgid handling (ITS#5318) * Fixed libldap t61 infinite loop (ITS#5542) * Fixed libldap_r missing stubs (ITS#5519) * Fixed slapd initialization of sr_msgid, rs->sr_tag (ITS#5461) * Fixed slapd missing termination of integerFilter keys (ITS#5503) * Fixed slapd multiple attrs in URI (ITS#5516) * Fixed slapd sasl_ssf retrieval (ITS#5403) * Fixed slapd socket assert (ITS#5489) * Fixed slapd syncrepl cookie (ITS#5536) * Fixed slapd-bdb/hdb MAXPATHLEN (ITS#5531) * Fixed slapd-bdb indexing in single ADD/MOD (ITS#5521) * Fixed slapd-ldap entry_get() op-dependent behavior (ITS#5513) * Fixed slapd-meta quarantine crasher (ITS#5522) * Fixed slapo-refint to allow setting modifiers name (ITS#5505) * Fixed slapo-syncprov contextCSN passing on syncprov consumers (ITS#5488) * Fixed slapo-syncprov csn update with delta-syncrepl (ITS#5493) * Fixed slapo-syncprov op2.o_extra reset (ITS#5501, #5506) * Fixed slapo-syncprov searching wrong backend (ITS#5487) * Fixed slapo-syncprov sending ops without queued CSNs (ITS#5465) * Fixed slapo-syncprov max csn search on startup (ITS#5537) * Fixed slapo-unique config structs (ITS#5526) * Fixed slapo-unique filter terminator (ITS#5511) * Fri May 16 2008 rhafer@suse.de - Support update from 2.3 releases (bnc#390247) * Thu May 08 2008 rhafer@suse.de - Update to Version 2.4.9. Most important changes: * Fixed libldap to use unsigned port (ITS#5436) * Fixed libldap error message for missing close paren (ITS#5458) * Fixed libldap_r tpool pause checks (ITS#5364, #5407) * Fixed slapcat error checking (ITS#5387) * Fixed slapd abstract objectClass inheritance check (ITS#5474) * Fixed slapd add operations requiring naming attrs (ITS#5412) * Fixed slapd connection handling (ITS#5469) * Fixed slapd frontendDB backend selection (ITS#5419) * Fixed slapd pagedresults stale state (ITS#5409) * Fixed slapd pointer dereference (ITS#5388) * Fixed slapd null argument dereference (ITS#5435) * Fixed slapd REP_ENTRY flags (ITS#5340) * Fixed slapd value list termination (ITS#5450) * Fixed slapd-bdb ID_NOCACHE handling (ITS#5439) * Fixed slapd-bdb entryinfo state if db_lock fails (ITS#5455) * Fixed slapd-bdb referral rewrite (ITS#5339) * Fixed slapd-config overlay stacking (ITS#5346) * Fixed slapd-config attribute publishing (ITS#5383) * Fixed slapd-ldap connection handler (ITS#5404) * Fixed slapd-ldif file name handling & multi-suffix/dir catch (ITS#5408) * Fixed slapd-meta connections on error (ITS#5440) * Fixed slapd-meta crash on search (ITS#5481) * Various syncrepl fixes (ITS#5407, ITS#5413, ITS#5426, ITS#5430, ITS#5432, ITS#5454, ITS#5397, ITS#5470) * Various slapo-syncprov fixes (ITS#5401, ITS#5405, ITS#5418, ITS#5486, ITS#5433, ITS#5434, ITS#5437, ITS#5444, ITS#5445, ITS#5484, ITS#5451) * Fri Apr 25 2008 rhafer@suse.de - Adjust ownership of DB_CONFIG to ldap:ldap (bnc#376204) * Thu Apr 10 2008 matz@suse.de - Compile with glibc 2.8. * Thu Apr 10 2008 ro@suse.de - added baselibs.conf file to build xxbit packages for multilib support * Thu Apr 03 2008 rhafer@suse.de - removed apparmor profile * Mon Mar 03 2008 rhafer@suse.de - revert last change and make libldap_r available again as some packages seem to directly rely on libldap_r. Assume they know of the libldap_r's limitations. * Wed Feb 27 2008 rhafer@suse.de - Moved libldap_r from -client subpackage to the main server package as it is only meant to be used by slapd. - Removed static libldap_r.a library and libldap_r.so link from -devel subpackage. External programs should only use the "normal" libldap library. * Wed Feb 20 2008 rhafer@suse.de - Update to Version 2.4.8. Most important changes: * Fixed libldap extended decoding (ITS#5304) * Fixed libldap filter abort (ITS#5300) * Fixed libldap ldap_parse_sasl_bind_result (ITS#5263) * Fixed libldap result codes for open (ITS#5338) * Fixed libldap search timeout crash (ITS#5291) * Fixed libldap paged results crash (ITS#5315) * Fixed slapd support for 2.1 CSN (ITS#5348) * Fixed slapd include handling (ITS#5276) * Fixed slapd modrdn check for valid new DN (ITS#5344) * Fixed slapd multi-step SASL binds (ITS#5298) * Fixed slapd overlay ordering when moving to slapd.d (ITS#5284) * Fixed slapd NULL printf (ITS#5264) * Fixed slapd NULL set values (ITS#5286) * Fixed slapd timestamp race condition (ITS#5370) * Fixed slapd cn=config crash on delete (ITS#5343) * Fixed slapd cn=config global acls (ITS#5352) * Fixed slapd truncated cookie (ITS#5362) * Fixed slapd str2entry with no attrs (ITS#5308) * Fixed slapd TLSVerifyClient default (ITS#5360) * Fixed slapd delta-syncrepl refresh mode (ITS#5376) * Fixed slapd ACL sets URI attrs (ITS#5384) * Fixed slapd invalid entryUUID filter (ITS#5386) * Fixed slapd-bdb idlcache on adds (ITS#5086) * Fixed slapd-bdb crash with modrdn (ITS#5358) * Fixed slapd-bdb modrdn to same dn (ITS#5319) * Fixed slapd-bdb MMR (ITS#5332) * Fixed slapd-meta setting of sm_nvalues (ITS#5375) * Fixed slapd-monitor crash (ITS#5311) * Fixed slapo-ppolicy only password check with policy (ITS#5285) * Fixed slapo-ppolicy del/replace password without new one (ITS#5373) * Fixed slapo-syncprov hang on checkpoint (ITS#5261) * Thu Jan 10 2008 rhafer@suse.de - Removed bogus debugging output from slapd_getaddrinfo_dupl.dif * Wed Jan 09 2008 rhafer@suse.de - Fixed allocation for paged results cookie (Bug #352255, ITS#5315) * Fri Dec 14 2007 rhafer@suse.de - Update to Version 2.4.7. Most important changes: * Added slapd ordered indexing of integer attributes (ITS#5239) * Fixed slapd paged results control handling (ITS#5191) * Fixed slapd sasl-host parsing (ITS#5209) * Fixed slapd filter normalization (ITS#5212) * Fixed slapd multiple suffix checking (ITS#5186) * Fixed slapd paged results handling when using rootdn (ITS#5230) * Fixed slapd syncrepl presentlist handling (ITS#5231) * Fixed slapd core schema 'c' definition for RFC4519 (ITS#5236) * Fixed slapd 3-way Multi-Master Replication (ITS#5238) * Fixed slapd hash collisions in index slots (ITS#5183) * Fixed slapd replication of dSAOperation attributes (ITS#5268) * Fixed slapadd contextCSN updating (ITS#5225) * Fixed slapd-bdb/hdb to report and fail on internal errors (ITS#5232) * Fixed slapd-bdb/hdb dn2entry lock bug (ITS#5257) * Fixed slapd-bdb/hdb dn2id lock bug (ITS#5262) * Fixed slapd-hdb caching on rename ops (ITS#5221) * Fixed slapo-accesslog abandoned op cleanup (ITS#5161) * Fixed slapo-dds deleting from nonexistent db (ITS#5267) * Fixed slapo-memberOf deleted values saving (ITS#5258) * Fixed slapo-pcache op->o_abandon handling (ITS#5187) * Fixed slapo-ppolicy single password check on modify (ITS#5146) * Fixed slapo-ppolicy internal search (ITS#5235) * Fixed slapo-syncprov refresh and persist cookie sending (ITS#5210) * Fixed slapo-syncprov ignore invalid cookies (ITS#5211) * Fixed slapo-translucent interaction with slapo-rwm (ITS#4889) * Thu Nov 29 2007 rhafer@suse.de - check for duplicates in getaddrinfo results and ignore them. (Bug #288879) * Tue Nov 27 2007 rhafer@suse.de - The init-script removed directory access on /etc/openldap/slapd.d (Bug #344091) * Mon Nov 26 2007 rhafer@suse.de - Update to Version 2.4.6. Initial 2.4 release for "general use". New features: * Usability/Manageability: - More complete Documentation (manual pages and Admin Guide) - dynamic configuration and monitoring improvments * More functionality - New overlays (dds, memberof, constraint) - Multimaster syncrepl replication * Performance improvments: - Further optimized frontend - Reduced locking contention in backend - back-config support through new sysconfig option "OPENLDAP_CONFIG_BACKEND" - Install admin guide from the main tarball, to get rid of the admin-guide tarball - New sysconfig options: * OPENLDAP_START_LDAP to allow to disable the ldap:// listener * OPENLDAP_LDAPI_INTERFACES to specify the paths for the ldapi:/// listeners * Mon Oct 29 2007 rhafer@suse.de - Update to Version 2.3.39. Most important changes: * Fixed slapd database/overlay config conflict (ITS#4848) * Fixed slapd password_hash config order (ITS#5082) * Fixed slapd slap_mods_check bug (ITS#5119) * Fixed slapd ACL sets memory handling (ITS#4860,ITS#4873) * Fixed slapd ordered values add normalization issue (ITS#5136) * Fixed slapd-bdb DB_CONFIG conversion bug (ITS#5118) * Fixed slapd-ldap search control parsing (ITS#5138) * Fixed slapd-ldap SASL idassert w/o authcId * Fixed slapd-ldif directory separators in DN (ITS#5172) * Fixed slapd-meta conn caching on bind failure (ITS#5154) * Fixed slapd-meta bind timeout assertion (ITS#5185) * Fixed slapd-sql concurrency issue (ITS#5095) * Fixed slapo-chain double-free (ITS#5137) * Fixed slapo-pcache and -rwm interaction fix (ITS#4991) * Fixed slapo-pcache non-null terminated array crasher (ITS#5163) * Fixed slapo-rwm modlist handling (ITS#5124) * Fixed slapo-rwm UUID in filter (ITS#5168) * Fixed sasl SASL_SSF_EXTERNAL type (ITS#3864) * Fixed liblber Windows x64 portability (ITS#5105) * Fixed libldap ppolicy control creation (ITS#5103) - Silenced some rpmlint warnings * Wed Aug 22 2007 rhafer@suse.de - Call "ldconfig" from %%post and %%postun in openldap2-client (Bug #298297) * Tue Jul 24 2007 rhafer@suse.de - Update to Version 2.3.37. Most important changes: * Fixed slapd-glue/syncprov interaction (ITS#4623) * Fixed slapd-ldap search reference crash (ITS#5025) * Fixed slapd-ldbm crash on Compare op (ITS#5044) * Fixed slapo-rwm searchFilter double free (ITS#5043) - Most important changes in 2.3.36: * Fixed slapd mutex bug after failed startup (ITS#4957) * Fixed slapd sasl failed Bind bug (ITS#4954) * Fixed slapd sasl ssf logging (ITS#5001) * Fixed slapd tool op init (ITS#4911) * Fixed slapd-bdb no-op crasher (ITS#4925) * Fixed slapd-relay crash when no database can be selected (ITS#4958) * Fixed slapo-chain RFC3062 passwd exop handling (ITS#4964) * Fixed slapo-dynlist multiple group/url[/member] config (ITS#4989) * Fixed slapo-pcache handling of abandoned Operations (#5015) * Fixed slapo-pcache and -rwm interaction (ITS#4991) * Fixed slapo-ppolicy pwdReset/pwdMinAge (ITS#4970) * Fixed slapo-ppolicy control cleanup from ITS#4665 * Fixed slapo-syncprov cookie parsing error (ITS#4977) * Fixed slapo-valsort crash on delete op (ITS#4966) * Fixed libldap referral chasing loop (ITS#4955) * Fixed libldap response code handling on rebind (ITS#4924) * Fixed libldap SASL_MAX_BUFF_SIZE (ITS#4935) * Wed Jun 13 2007 dmueller@suse.de - remove binutils prereq * Mon May 21 2007 dmueller@suse.de - reduce duplicated buildrequires against db42 and db45 * Tue May 15 2007 rhafer@suse.de - imported apparmor profile from apparmor (this profile is not enabled by default) * Fri May 04 2007 rhafer@suse.de - Update to Version 2.3.35. Most important changes: * Fixed ldapmodify to use correct memory free functions (ITS#4901) * Fixed slapd acl set minor typo (ITS#4874) * Fixed slapd entry consistency check in str2entry2 (ITS#4852) * Fixed slapd ldapi:// credential issue (ITS#4893) * Fixed slapd str2anlist handling of undefined attrs/OCs (ITS#4854) * Fixed slapd syncrepl delta-sync modlist free (ITS#4904) * Added slapd syncrepl retry logging (ITS#4915) * Fixed slapd zero-length IA5string handling (ITS#4823) * Fixed slapd-bdb/hdb startup with missing shm env (ITS#4851) * Fixed slapd-ldap/meta consistency in referral proxying (ITS#4861) * Fixed slapd-ldap bind cleanup in case of unauthorized idassert * Fixed slapd-meta search cleanup * Fixed slapd-meta/slapo-rwm filter mapping * Fixed slapd-sql subtree shortcut (ITS#4856) * Fixed slapo-dynlist crasher (ITS#4891) * Fixed slapo-refint config message (ITS#4853) * Fixed libldap time_t signedness (ITS#4872) * Fixed libldap_r tpool reset (ITS#4855,#4899) * Wed May 02 2007 dmueller@suse.de - Fix comparison with string literal * Wed Apr 18 2007 schwab@suse.de - Fix generation of debuginfo packages. * Tue Mar 20 2007 rguenther@suse.de - removed krb5-devel BuildRequires (support via cyrus-sasl) * Thu Mar 15 2007 rhafer@suse.de - added Service definitions for SuSEfirewall2 (Bug #251654) * Thu Feb 22 2007 rhafer@suse.de - Updated to Version 2.3.34. Most important changes: * Fixed libldap missing get_option(TLS CipherSuite) (ITS#4815) * Fixed ldapmodify printing error from ldap_result() (ITS#4812) * Fixed slapadd LDIF parsing (ITS#4817) * Fixed slapd libltdl link ordering (ITS#4830) * Fixed slapd syncrepl memory leaks (ITS#4805) * Fixed slapd dynacl/ACI compatibility with 2.1 * Fixed slapd-bdb/hdb be_entry_get with aliases/referrals (ITS#4810) * Fixed slapd-ldap more response handling bugs (ITS#4782) * Fixed slapd-ldap C-API code tests (ITS#4808) * Fixed slapd-monitor NULL printf (ITS#4811) * Fixed slapo-chain spurious additional info in response (ITS#4828) * Fixed slapo-syncprov presence list (ITS#4813) * Fixed slapo-syncprov contextCSN checkpoint again (ITS#4720) * Added slapo-ppolicy cn=config support (ITS#4836) * Added slapo-auditlog cn=config support * Fri Jan 26 2007 rhafer@suse.de - Updated to Version 2.3.33. Most important changes: * Fixed slapd-ldap chase-referrals switch (ITS#4557) * Fixed slapd-ldap bind behavior when idassert is always used (ITS#4781) * Fixed slapd-ldap response handling bugs (ITS#4782) * Fixed slapd-ldap idassert mode=self anonymous ops (ITS#4798) * Fixed slapd-ldap/meta privileged connections handling (ITS#4791) * Fixed slapd-meta retrying (ITS#4594, 4762) * Fixed slapo-chain referral DN use (ITS#4776) * Fixed slapo-dynlist dangling pointer after entry free (ITS#4801) * Fixed libldap ldap_pvt_put_filter syntax checks (ITS#4648) * Fri Jan 12 2007 rhafer@suse.de - Updated to Version 2.3.32. Most important changes: * Fixed libldap unchased referral leak (ITS#4545) * Fixed libldap tls callback (ITS#4723) * Fixed slapd memleak on failed bind (ITS#4771) * Fixed slapd connections_shutdown assert * Fixed slapd add redundant duplicate value check (ITS#4600) * Fixed slapd ACL set memleak (ITS#4780) * Fixed slapd syncrepl shutdown hang (ITS#4790) * Fri Nov 17 2006 rhafer@suse.de - Fix for a flaw in libldap's strval2strlen() function when processing the authcid string of certain Bind Requests, which could allow attackers to cause an affected application to crash (especially the OpenLDAP Server), creating a denial of service condition (Bug#221154,ITS#4740) * Tue Nov 14 2006 rhafer@suse.de - Additional back-perl fixes from CVS. The first revision of the patch did not fix the problem completely (Bug#207618, ITS#4751) * Fri Oct 27 2006 rhafer@suse.de - cyrus-sasl configuration moved from %%{_libdir}/sasl2 to /etc/sasl2/ (Bug: #206414) * Wed Oct 04 2006 rhafer@suse.de - Add $network to Should-Start/Should-Stop in init scripts (Bug: #206823) - Imported latest back-perl changes from CVS, to fix back-perl initialization (Bug: #207618) * Tue Aug 22 2006 rhafer@suse.de - Updated to Version 2.3.27 * Fixed libldap dnssrv bug with "not present" positive statement (ITS#4610) * Fixed libldap dangling pointer issue (ITS#4405) * Fixed slapd incorrect rebuilding of replica URI (ITS#4633) * Fixed slapd DN X.509 normalization crash (ITS#4644) * Fixed slapd-monitor operations order via callbacks (ITS#4631) * Fixed slapo-accesslog purge task during shutdown * Fixed slapo-ppolicy handling of default policy (ITS#4634) * Fixed slapo-ppolicy logging verbosity when using default policy * Fixed slapo-syncprov incomplete sync on restart issues (ITS#4622) * Wed Aug 02 2006 rhafer@suse.de - Updated to Version 2.3.25 * Add libldap_r TLS concurrency workaround (ITS#4583) * Fixed slapd acl selfwrite bug (ITS#4587) * Fixed various syncrepl and slapo-syncprov bugs (ITS#4582, 4622, 4534,4613, 4589) * Fixed slapd-bdb/hdb lock bug with virtual root (ITS#4572) * Fixed slapd-bdb/hdb modrdn new entry disappearing bug (ITS#4616) * Fixed slapd-bdb/hdb cache job issue * Fixed slapo-ppolicy password hashing bug (ITS#4575) * Fixed slapo-ppolicy password modify pwdMustChange reset bug (ITS#4576) * Fixed slapo-ppolicy control can be critical (ITS#4596) - Enabled CLDAP (LDAP over UDP) support * Mon Jun 26 2006 rhafer@suse.de - Updated to Version 2.3.24 * Fixed slapd syncrepl timestamp bug (delta-sync/cascade) (ITS#4567) * Fixed slapd-bdb/hdb non-root users adding suffix/root entries (ITS#4552) * Re-fixed slapd-ldap improper free bug in exop (ITS#4550) * Fixed slapd-ldif assert bug (ITS#4568) * Fixed slapo-syncprov crash under glued database (ITS#4562) - cleaned up SLES10 update specific stuff - added "chain-return-error" feature from HEAD to chain overlay (ITS#4570) * Thu Jun 22 2006 schwab@suse.de - Don't use automake macros without using automake. * Wed May 24 2006 rhafer@suse.de - Updated to Version 2.3.23 * obsoletes the patches: libldap_ads-sasl-gssapi.dif, slapd-epollerr.dif * Fixed slapd-ldap improper free bug (ITS#4550) * Fixed libldap referral input destroy issue (ITS#4533) * Fixed libldap ldap_sort_entries tail bug (ITS#4536) * Fixed slapd runqueue use of freed memory (ITS#4517) * Fixed slapd thread pool init issue (ITS#4513) * Fixed slapd-bdb/hdb pre/post-read freeing (ITS#4532) * Fixed slapd-bdb/hdb pre/post-read unavailable issue (ITS#4538) * Fixed slapd-bdb/hdb referral issue (ITS#4548) * Fixed slapo-ppolicy BER tags issue (ITS#4528) * Fixed slapo-ppolicy rebind bug (ITS#4516) * For more details see the CHANGES file - Install CHANGES file to /usr/share/doc/packages/openldap2 * Wed May 10 2006 rhafer@suse.de - Really apply the patch for Bug#160566 - slapd could crash while processing queries with pre-/postread controls (Bug#173877, ITS#4532) * Fri Mar 24 2006 rhafer@suse.de - Backported fix from CVS for occasional crashes in referral chasing code (as used in e.g. back-meta/back-ldap). (Bug: #160566, ITS: #4448) * Mon Mar 13 2006 rhafer@suse.de - openldap2 must obsolete -back-monitor and -back-ldap to have them removed during update (Bug: #157576) * Fri Feb 17 2006 rhafer@suse.de - Add "external" to the list of supported SASL mechanisms (Bug: #151771) * Thu Feb 16 2006 rhafer@suse.de - Error out when conversion from old configfile to config database fails (Bug: #135484,#135490 ITS: #4407) * Mon Feb 13 2006 rhafer@suse.de - Don't ignore non-read/write epoll events (Bug: #149993, ITS: #4395) - Added update message to /usr/share/update-messages/en/ and enable it, when update did not succeed. * Thu Feb 09 2006 rhafer@suse.de - OPENLDAP_CHOWN_DIRS honors databases defined in include files (Bug: #135473) - Fixed version numbers in README.update - Fixed GSSAPI binds against Active Directory (Bug: #149390) * Fri Feb 03 2006 rhafer@suse.de - Cleaned up update procedure - man-pages updates and fixes (Fate: #6365) * Fri Jan 27 2006 rhafer@suse.de - Updated to 2.3.19 (Bug #144371) * Fri Jan 27 2006 mls@suse.de - converted neededforbuild to BuildRequires * Wed Jan 25 2006 rhafer@suse.de - Updated Admin Guide to latest version - build slapcat from openldap-2.2.24 and install it to /usr/sbin/openldap-2.2-slapcat to be able to migrate from OpenLDAP 2.2. - removed slapd-backbdb-dbupgrade which is no longer needed - attempt to dump/reload bdb databases in %%{post} - Update notes in README.update * Fri Jan 13 2006 rhafer@suse.de - New sysconfig variable OPENLDAP_KRB5_KEYTAB - Cleanup in default configuration and init scripts * Wed Jan 11 2006 rhafer@suse.de - Updated to 2.3.17 - Remove OPENLDAP_RUN_DB_RECOVER from sysconfig file in %%post slapd does now automatically recover the database if needed - Removed unneeded README.SuSE - Small adjustments to the default DB_CONFIG file * Mon Jan 09 2006 rhafer@suse.de - Updated to 2.3.16 * Mon Dec 19 2005 rhafer@suse.de - Fixed filelist (slapd-hdb man-page was missing) * Fri Dec 09 2005 rhafer@suse.de - Fixed build on x86_64 * Wed Dec 07 2005 rhafer@suse.de - Merged -back-ldap and -back-monitor subpackages into the main package and don't build them as dynamic modules anymore. - updated to OpenLDAP 2.3.13 * Mon Nov 28 2005 rhafer@suse.de - updated to OpenLDAP 2.3.12 * Wed Oct 26 2005 rhafer@suse.de - updated to OpenLDAP 2.3.11 - removed the "LDAP_DEPRECATED" workaround * Mon Sep 26 2005 rhafer@suse.de - Add "LDAP_DEPRECATED" to ldap.h for now * Fri Sep 23 2005 rhafer@suse.de - updated to OpenLDAP 2.3.7 * Tue Aug 16 2005 rhafer@suse.de - allow start_tls while chasing referrals (Bug #94355, ITS #3791) * Mon Jul 04 2005 rhafer@suse.de - devel-subpackage requires openldap2-client of the same version (Bugzilla: #93579) * Thu Jun 30 2005 uli@suse.de - build with -fPIE (not -fpie) to avoid GOT overflow on s390* * Wed Jun 22 2005 rhafer@suse.de - build the server packages with -fpie/-pie * Wed Jun 15 2005 rhafer@suse.de - updated to 2.2.27 * Wed May 25 2005 rhafer@suse.de - libldap-gethostbyname_r.dif: Use gethostbyname_r instead of gethostbyname in libldap. Should fix host lookups through nss_ldap (Bugzilla: #76173) * Fri May 13 2005 rhafer@suse.de - Updated to 2.2.26 - made /%%{_libdir}]/sasl2/slapd.conf %%config(noreplace) * Thu Apr 28 2005 rhafer@suse.de - Added /%%{_libdir}]/sasl2/slapd.conf to avoid warnings about unconfigured OTP mechanism (Bugzilla: #80588) * Tue Apr 12 2005 rhafer@suse.de - added minimal timeout to startproc in init-script to let it report the "failed" status correctly in case of misconfiguration (Bugzilla: #76393) * Mon Apr 04 2005 rhafer@suse.de - crl-check.dif: Implements CRL checking on client and server side - use different base ports for differnt values of BUILD_INCARNATION (/.buildenv) to allow parallel runs of the test-suite on a single machine * Mon Apr 04 2005 uli@suse.de - force yielding-select test to yes (test occasionally hangs QEMU) * Fri Apr 01 2005 uli@suse.de - disable test suite on ARM (hangs QEMU) * Tue Mar 29 2005 rhafer@suse.de - updated to 2.2.24 - enabled back-hdb * Wed Mar 02 2005 rhafer@suse.de - syncrepl.dif: merged latest syncrepl fixes (Bugzilla: #65928) - libldap-reinit-fdset.dif: Re-init fd_sets when select is interupted (Bugzilla #50076, ITS: #3524) * Thu Feb 17 2005 rhafer@suse.de - checkproc_before_recover.dif: Check if slapd is stopped before running db_recover from the init script. (Bugzilla: #50962) * Tue Feb 01 2005 rhafer@suse.de - Cleanup back-bdb databases in %%post, db-4.3 changed the transaction log format again. - cosmetic fixes in init script * Tue Jan 25 2005 rhafer@suse.de - updated to 2.2.23 - cleaned up #neededforbuild - package should also build on older SuSE Linux releases now - increased killproc timeout in init-script (Bugzilla: #47227) * Thu Jan 13 2005 rhafer@suse.de - updated to 2.2.20 - Removed unneeded dependencies * Fri Dec 10 2004 kukuk@suse.de - don't install *.la files * Wed Nov 10 2004 rhafer@suse.de - updated to 2.2.18 - use kerberos-devel-packages in neededforbuild * Fri Sep 24 2004 ro@suse.de - re-arranged specfile to sequence (header (package/descr)* rest) so the checking parser is not confused ... * Fri Sep 24 2004 rhafer@suse.de - Added pre_checkin.sh to generate a separate openldap2-client spec-file from which the openldap2-client and openldap2-devel subpackages are built. Should reduce build time for libldap as the test-suite is only executed in openldap2.spec. * Fri Sep 10 2004 rhafer@suse.de - libldap-result.dif: ldapsearch was hanging in select() when retrieving results from eDirectory through a StartTLS protected connection (Bugzilla #44942) * Mon Aug 09 2004 dobey@suse.de - added ntlm support * Tue Aug 03 2004 rhafer@suse.de - updated to 2.2.16 - Updated ACLs in slapd_conf.dif to disable default read access to the "userPKCS12" Attribute - rc-check-conn.diff: When starting slapd wait until is accepts connections, or 10 seconds at maximum (Bugzilla #41354) - Backported -o slp={on|off} feature from OpenLDAP Head and added new sysconfig variable (OPENLDAP_REGISTER_SLP) to be able to switch SLP registration on and off. (Bugzilla #39865) - removed unneeded README.update * Fri Apr 30 2004 rhafer@suse.de - updated to 2.2.11 - remove SLES8 update specific stuff - Bugzilla #39652: Updated slapd_conf.dif to contain basic access control - Bugzilla #39468: Added missing items to yast.schema - fixed strict-aliasing compiler warnings (strict-aliasing.dif) * Thu Apr 29 2004 coolo@suse.de - build with several jobs if available * Mon Apr 19 2004 rhafer@suse.de - ldapi_url.dif: Fixed paths for LDAPI-socket, pid-file and args-file (Bugzilla #38790) - ldbm_modrdn.dif: Fixed back-ldbm modrdn indexing bug (ITS #3059, Bugzilla #38915) - modify_check_duplicates.dif: check for duplicate attribute values in modify requests (ITS #3066/#3097, Bugzilla #38607) - updated and renamed yast2userconfig.schema to yast.schema as it contains more that only user configuration now - syncrepl.dif: addtional fixes for syncrepl (ITS #3055, #3056) - test_syncrepl_timeout: increased sleep timeout in syncrepl testsuite * Thu Apr 01 2004 rhafer@suse.de - added "TLS_REQCERT allow" to /etc/openldap/ldap.conf, to make START_TLS work without access to the CA Certificate. (Bugzilla: #37393) * Fri Mar 26 2004 rhafer@suse.de - fixed filelist - check-build.sh (build on kernel >= 2.6.4 hosts only) - yast2user.schema / slapd.conf fixed (#37076) - don't check for TLS-options is init-script anymore (#33560) - fixed various typos in README.update * Wed Mar 17 2004 rhafer@suse.de - fixed build of openldap-2.1-slapcat (using correct db41 include files, build backends as on sles8) - attempt to update bdb database and reindex ldbm database in %%{post} - Update notes in README.update - better default configuration (including default DB_CONFIG file) - misc updates for the YaST schema - fixed crasher in syncrepl-code (syncrepl.dif) * Tue Mar 16 2004 schwab@suse.de - Fix type mismatch. * Tue Mar 02 2004 rhafer@suse.de - updated to 2.2.6 - build a openldap-2.1-slapcat from 2.1.25 sources to be able to migrate from SLES8 and SL 9.0 * Thu Feb 19 2004 ro@suse.de - added check-build.sh (build on 2.6 hosts only) * Thu Feb 05 2004 rhafer@suse.de - updated to 2.2.5 - adjusted rfc2307bis.schema to support UTF-8 values in most attributes - enabled proxycache-overlay (wiht fix to work with back-ldbm) * Tue Jan 13 2004 rhafer@suse.de - updated to 2.2.4 - updated Admin Guide to most recent version * Sat Jan 10 2004 adrian@suse.de - add %%defattr - fix build as user * Mon Dec 08 2003 rhafer@suse.de - updated to 2.1.25 - small fixes for the YaST user schema * Tue Nov 11 2003 rhafer@suse.de - enabled SLP-support * Fri Oct 17 2003 kukuk@suse.de - Remove unused des from neededforbuild * Tue Sep 02 2003 mt@suse.de - Bugzilla #29859: fixed typo in sysconfig metadata, usage of OPENLDAP_LDAPS_INTERFACES in init script - added /usr/lib/sasl2/slapd.conf permissions handling - added sysconfig variable OPENLDAP_SLAPD_PARAMS="" to support additional slapd start parameters - added sysconfig variable OPENLDAP_START_LDAPI=NO/yes for ldapi:/// (LDAP over IPC) URLs * Thu Aug 14 2003 rhafer@suse.de - added activation metadata to sysconfig template (Bugzilla #28911) - removed lint from specfile * Thu Aug 07 2003 rhafer@suse.de - added %%stop_on_removal and %%restart_on_update calls - bdb_addcnt.dif fixes a possible endless loop in id2entry() - addonschema.tar.gz: some extra Schema files (YaST, RFC2307bis) * Wed Jul 16 2003 rhafer@suse.de - removed fillup_only and call fillup_and_insserv correctly - new Options in sysconfig.openldap: OPENLDAP_LDAP_INTERFACES, OPENLDAP_LDAPS_INTERFACES and OPENLDAP_RUN_DB_RECOVER * Tue Jul 01 2003 rhafer@suse.de - updated to 2.1.22 - updated Admin Guide to most recent version - build librewrite with -fPIC * Mon Jun 16 2003 rhafer@suse.de - updated to 2.1.21 * Wed Jun 11 2003 ro@suse.de - fixed requires lines * Mon May 26 2003 rhafer@suse.de - don't link back-ldap against librewrite.a, it's already linked into slapd (package should build on non-i386 Archs again) * Fri May 23 2003 rhafer@suse.de - fixed dynamic build of back-ldap - new subpackage back-ldap * Tue May 20 2003 rhafer@suse.de - updated to version 2.1.20 - enabled dynamic backend modules - new subpackages back-perl, back-meta and back-monitor - remove unpacked files from BuildRoot * Fri May 09 2003 rhafer@suse.de - updated to version 2.1.19 * Tue Apr 15 2003 ro@suse.de - fixed requires for devel-package ... * Tue Apr 15 2003 ro@suse.de - fixed neededforbuild * Thu Feb 13 2003 kukuk@suse.de - Enable IPv6 again * Tue Feb 11 2003 rhafer@suse.de - added /etc/openldap to filelist * Mon Feb 03 2003 rhafer@suse.de - switch default backend to ldbm * Sun Feb 02 2003 ro@suse.de - fixed requires for devel package (cyrus-sasl2-devel) * Fri Jan 31 2003 rhafer@suse.de - liblber.dif: Fixes two bugs in liblber by which remote attackers could crash the LDAP server (Bugzilla #22469, OpenLDAP ITS #2275 and #2280) * Tue Jan 14 2003 choeger@suse.de - build using sasl2 * Mon Jan 13 2003 rhafer@suse.de - updated to version 2.1.12 - added metadata to sysconfig template (Bug: #22666) * Thu Nov 28 2002 rhafer@suse.de - updated to version 2.1.8 - added additional fix of 64bit archs - added secpatch.dif to fix setuid issues in libldap * Fri Sep 06 2002 rhafer@suse.de - fix for Bugzilla ID #18981, chown to OPENLDAP_USER didn't work with multiple database backend directories * Mon Sep 02 2002 rhafer@suse.de - removed damoenstart_ipv6.diff and disabled IPv6 support due to massive problems with nss_ldap * Mon Aug 26 2002 rhafer@suse.de - ldap_user.dif: slapd is now run a the user/group ldap (Bugzilla ID#17697) * Fri Aug 23 2002 rhafer@suse.de - updated to version 2.1.4, which fixes tons of bugs - added damoenstart_ipv6.diff (slapd was not starting when configured to listen on IPv4 and IPv6 interfaces, as done by the start script) - added README.SuSE with some hints about the bdb-backend - updated filelist to include only the man pages of the backends, that were built * Thu Aug 15 2002 rhafer@suse.de - removed termcap and readline from neededforbuild * Thu Aug 08 2002 rhafer@suse.de - enabled {CRYPT} passwords - update filelist (added new manpages) * Thu Jul 25 2002 rhafer@suse.de - patches for 64 bit architectures * Fri Jul 19 2002 rhafer@suse.de - update to 2.1.3 * Fri Jul 05 2002 kukuk@suse.de - fix openldap2-devel requires * Thu Jul 04 2002 rhafer@suse.de - switched back from cyrus-sasl2 to cyrus-sasl * Wed Jul 03 2002 rhafer@suse.de - updated to OpenLDAP 2.1.2 - added the OpenLDAP Administration Guide - enabled additional backends (ldap, meta, monitor) * Mon Jun 10 2002 olh@suse.de - hack build/ltconfig to build shared libs on ppc64 * Wed Jun 05 2002 rhafer@suse.de - created /etc/sysconfig/openldap and OPENLDAP_START_LDAPS variable to enable ldap over ssl support * Thu Mar 07 2002 rhafer@suse.de - Fix for Bugzilla ID#14569 (added cyrus-sasl-devel openssl-devel to the "Requires" Section of the -devel subpackage) * Mon Feb 18 2002 rhafer@suse.de - updated to the latest STABLE release (2.0.23) which fixes some nasty bugs see ITS #1562,#1582,#1577,#1578 * Thu Feb 07 2002 rhafer@suse.de - updated to the latest release (which fixes a index corruption bug) - cleanup in neededforbuild - small fixes for the init-scripts * Thu Jan 17 2002 rhafer@suse.de - updated to the latest stable release (2.0.21) * Wed Jan 16 2002 egmont@suselinux.hu - removed periods and colons from startup/shutdown messages * Tue Jan 15 2002 rhafer@suse.de - updated to v2.0.20 (which fixes a security hole in ACL processing) * Fri Jan 11 2002 rhafer@suse.de - converted archive to bzip2 - makes use of %%{_libdir} now - set CFLAGS to -O0 for archs ia64, s390(x) and alpha otherwise the test suite fails on these archs - changed slapd.conf to store the database under /var/lib/ldap (this patch was missing in the last versions by accident) * Mon Jan 07 2002 rhafer@suse.de - update to v2.0.19 * Thu Dec 06 2001 rhafer@suse.de - eliminated START_LDAP, START_SLURPD variables in rc.config - created separate init script for slurpd - moved init scripts from dif to separate source tgz * Fri Oct 26 2001 choeger@suse.de - update to v2.0.18 * Mon Oct 15 2001 choeger@suse.de - update to v2.0.17 added a sleep to the restart section moved some manpages to the client package * Mon Oct 01 2001 choeger@suse.de - update to v2.0.15 * Wed Sep 12 2001 choeger@suse.de - backported the full bugfix from openldap-2.0.14 * Tue Sep 11 2001 choeger@suse.de - Bugfix for slurpd millionth second bug (ITS#1323) * Mon Sep 10 2001 choeger@suse.de - moved ldapfilter.conf ldaptemplates.conf ldapsearchprefs.conf to openldap2-client package * Mon Sep 03 2001 choeger@suse.de - update to version 2.0.12 * Mon Jul 02 2001 choeger@suse.de - bugfix: init script was not LSB compliant, Bugzilla ID#9072 * Tue Jun 19 2001 ro@suse.de - fixed for autoconf again * Fri Jun 15 2001 choeger@suse.de - update to 2.0.11 - removed autoconf in specfile, because it doesn't work * Wed May 23 2001 choeger@suse.de - update to version 2.0.10 (minor fixes) * Tue May 22 2001 choeger@suse.de - update to version 2.0.9 * Mon Apr 23 2001 choeger@suse.de - removed kerberos support - added aci support * Fri Apr 20 2001 choeger@suse.de - added kerberos support * Thu Apr 05 2001 choeger@suse.de - moved section 5 and 8 manpages to the server part of package * Wed Mar 14 2001 kukuk@suse.de - Move *.so links into -devel package - -devel requires -client * Thu Mar 08 2001 choeger@suse.de - split up into openldap2-client and -devel * Tue Feb 27 2001 ro@suse.de - changed neededforbuild to * Fri Feb 23 2001 ro@suse.de - added readline/readline-devel to neededforbuild (split from bash) * Thu Jan 04 2001 choeger@suse.de - bugfix: slapd.conf rename /var/lib/openldap-ldbm to /var/lib/ldap init script: use $remote_fs * Tue Jan 02 2001 olh@suse.de - use script name in %%post * Thu Dec 07 2000 choeger@suse.de - bugfix from Andreas Jaeger: workaround for glibc2.2, detach * Fri Dec 01 2000 ro@suse.de - hacked configure for apparently broken pthread * Fri Dec 01 2000 ro@suse.de - fixed spec * Thu Nov 23 2000 choeger@suse.de - made configs %%config(noreplace) (Bug 4112) - fixed neededforbuild * Wed Nov 22 2000 choeger@suse.de - adopted new init scheme * Wed Nov 15 2000 choeger@suse.de - fixed neededforbuild * Fri Nov 10 2000 choeger@suse.de - added buildroot * Tue Nov 07 2000 choeger@suse.de - long package name - new version, 2.0.7 * Fri Oct 06 2000 choeger@suse.de - first package of openldap2 (v2.0.6)